Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
File: 437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa (raw, json)
Hash identifier: A/fN44Wr+gPVQWzGC5C4dkKfeBtTYh0N1fK8JF/iMg0=
Subject key identifier: 64:9F:5D:5E:1A:FC:83:EE:BE:0C:D0:08:BD:82:DE:85:CD:B4:93:96
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 4CC73EAD081D85993C22DFBEB41F7DCF1419D950
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
Signing time: Fri 03 Oct 2025 00:12:52 +0000
ROA not before: Fri 03 Oct 2025 00:12:52 +0000
ROA not after: Fri 07 Nov 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1ff1:2000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:c7:3e:ad:08:1d:85:99:3c:22:df:be:b4:1f:7d:cf:14:19:d9:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Oct 3 00:12:52 2025 GMT
Not After : Nov 7 23:59:59 2025 GMT
Subject: serialNumber=d14da04f79bd36ce5150f3d62cd545fd2f0bdec52e67464dd3fa750807bb34f8, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a4:c4:82:cd:b2:2b:bc:be:1c:8f:02:66:43:
b0:1c:95:1a:58:05:8c:f3:74:3b:36:62:91:72:c8:
a9:bb:c4:7f:8e:fb:00:1e:8e:2e:fa:fa:cc:49:1d:
1d:9c:8b:50:88:8b:75:4e:da:79:cb:9e:d1:dc:96:
fa:f2:3a:46:2c:b5:1e:cd:b7:71:73:01:eb:f8:93:
73:c3:19:85:42:ad:48:16:f3:61:e2:51:9f:36:39:
b6:44:7b:1f:92:bd:83:ee:ab:61:9f:5d:12:94:c2:
d9:f2:ea:9f:9b:b7:e1:b4:3d:4b:a0:83:31:91:fe:
b3:41:0b:e7:c7:a9:23:4f:74:a8:c4:d1:83:17:31:
3e:76:73:c9:24:43:76:48:c8:5c:f7:f7:17:2a:91:
94:c2:0a:39:be:f7:bb:e1:1e:e3:ce:3e:c0:9e:3a:
57:37:70:6e:3d:22:ab:e4:aa:c0:73:91:99:9a:1c:
47:c5:f8:ed:f6:de:69:53:1f:f3:36:b0:cf:18:dc:
42:27:71:5d:0e:24:89:fc:e1:c1:47:ca:52:ca:cf:
38:14:3d:61:41:7b:21:95:7a:e2:f9:6d:83:0a:41:
a3:31:6f:97:aa:ac:a9:b9:85:7a:d4:b0:8e:ef:c4:
3e:a6:b4:1a:5d:62:16:70:28:1d:e7:d9:03:5b:5b:
b2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9F:5D:5E:1A:FC:83:EE:BE:0C:D0:08:BD:82:DE:85:CD:B4:93:96
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/437d3c38-c370-4afe-a444-07ee5ee1ed9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff1:2000::/40
Signature Algorithm: sha256WithRSAEncryption
ca:71:bb:0f:d1:4f:25:7e:57:00:c1:d3:98:5d:f0:38:ac:96:
93:55:63:a1:cf:11:a2:f8:7f:81:93:ba:8d:98:dd:1a:97:2a:
97:6f:87:5a:11:b8:74:f2:4e:40:e0:32:61:70:a6:90:2d:6c:
21:d0:7a:37:65:7f:ab:0c:58:3a:9d:73:30:65:ef:99:89:1b:
77:04:93:38:18:00:f4:65:6b:f4:28:7e:75:eb:2b:d0:f6:56:
45:7e:6f:dc:31:0a:88:1e:ca:62:2b:da:1c:76:52:32:98:42:
88:b1:35:70:a0:aa:19:a5:11:f5:0d:db:3a:6e:c2:10:d4:7e:
d9:ac:71:ce:c1:10:e3:e6:1d:fd:03:6d:46:af:e5:f1:fd:3c:
f5:8c:95:5c:65:2f:90:9c:7d:90:1f:ca:7d:e3:bd:8b:d6:aa:
77:72:b8:af:ee:3d:20:4d:b8:0e:c3:d5:80:d7:89:6a:20:95:
ed:d8:07:f6:b9:e0:83:0d:e1:8b:52:18:8f:cb:0c:44:d7:01:
a3:35:54:d2:f8:b3:0d:e1:57:40:a4:4b:85:7d:aa:9c:9a:4a:
63:de:4c:71:cc:f5:af:f3:1e:ab:cd:0f:3c:c7:ca:19:cb:6e:
23:a6:82:ae:37:96:c7:58:d5:6a:47:59:4f:cb:fa:5c:ca:c9:
ce:8d:04:ef
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUTMc+rQgdhZk8It++tB99zxQZ2VAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDAxMjUyWhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BkMTRkYTA0Zjc5YmQzNmNlNTE1MGYzZDYyY2Q1NDVmZDJm
MGJkZWM1MmU2NzQ2NGRkM2ZhNzUwODA3YmIzNGY4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUpMSCzbIrvL4cjwJmQ7AclRpYBYzzdDs2YpFyyKm7xH+O
+wAeji76+sxJHR2ci1CIi3VO2nnLntHclvryOkYstR7Nt3FzAev4k3PDGYVCrUgW
82HiUZ82ObZEex+SvYPuq2GfXRKUwtny6p+bt+G0PUuggzGR/rNBC+fHqSNPdKjE
0YMXMT52c8kkQ3ZIyFz39xcqkZTCCjm+97vhHuPOPsCeOlc3cG49IqvkqsBzkZma
HEfF+O323mlTH/M2sM8Y3EIncV0OJIn84cFHylLKzzgUPWFBeyGVeuL5bYMKQaMx
b5eqrKm5hXrUsI7vxD6mtBpdYhZwKB3n2QNbW7LvAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUZJ9dXhr8g+6+DNAIvYLehc20k5YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQzN2QzYzM4LWMzNzAtNGFmZS1hNDQ0LTA3ZWU1ZWUxZWQ5Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/xIDANBgkqhkiG9w0BAQsFAAOCAQEAynG7D9FPJX5XAMHTmF3wOKyW
k1Vjoc8Rovh/gZO6jZjdGpcql2+HWhG4dPJOQOAyYXCmkC1sIdB6N2V/qwxYOp1z
MGXvmYkbdwSTOBgA9GVr9Ch+desr0PZWRX5v3DEKiB7KYivaHHZSMphCiLE1cKCq
GaUR9Q3bOm7CENR+2axxzsEQ4+Yd/QNtRq/l8f089YyVXGUvkJx9kB/KfeO9i9aq
d3K4r+49IE24DsPVgNeJaiCV7dgH9rnggw3hi1IYj8sMRNcBozVU0vizDeFXQKRL
hX2qnJpKY95Mccz1r/Meq80PPMfKGctuI6aCrjeWx1jVakdZT8v6XMrJzo0E7w==
-----END CERTIFICATE-----
Generated at Tue Oct 14 09:26:01 2025 by rpki-client